npm - @tiledesk/tiledesk-server - Versions diffs - 2.17.3 → 2.18.1 - Mend

@tiledesk/tiledesk-server 2.17.3 → 2.18.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/CHANGELOG.md +7 -0
package/app.js +2 -0
package/archive.sh +92 -0
package/channels/chat21/chat21WebHook.js +6 -1
package/event/authEvent.js +16 -0
package/event/projectUserEvent.js +39 -0
package/event/roleEvent.js +9 -0
package/middleware/has-role.js +160 -121
package/middleware/passport.js +180 -179
package/migrations/1757601159298-project_user_role_type.js +45 -0
package/models/department.js +3 -0
package/models/groupMemberSchama.js +19 -0
package/models/kb_setting.js +6 -2
package/models/permissionConstants.js +19 -0
package/models/project_user.js +86 -8
package/models/request.js +1 -0
package/models/role.js +31 -0
package/models/roleConstants.js +2 -0
package/package.json +1 -1
package/pubmodules/analytics/analytics.js +2 -2
package/pubmodules/cache/mongoose-cachegoose-fn.js +37 -0
package/pubmodules/canned/cannedResponseRoute.js +34 -6
package/pubmodules/routing-queue/listener.js +7 -1
package/pubmodules/trigger/rulesTrigger.js +1 -6
package/routes/auth.js +3 -1
package/routes/department.js +7 -1
package/routes/kb.js +25 -1
package/routes/message.js +4 -1
package/routes/project.js +41 -3
package/routes/project_user.js +62 -11
package/routes/request.js +32 -30
package/routes/roles.js +151 -0
package/routes/unanswered.js +1 -1
package/routes/webhook.js +18 -13
package/routes/widget.js +3 -1
package/services/cacheEnabler.js +5 -8
package/services/departmentService.js +39 -11
package/services/emailService.js +2 -2
package/services/pendingInvitationService.js +2 -0
package/services/projectService.js +3 -1
package/services/projectUserService.js +67 -4
package/services/subscriptionNotifierQueued.js +8 -0
package/services/updateRequestSnapshotQueued.js +0 -3
package/test/departmentService.js +5 -0
package/test/messageRoute.js +7 -4
package/test/projectUserRoute.js +116 -0
package/test/requestService.js +7 -3
package/test-int/bot.js +3 -2
package/websocket/webSocketServer.js +273 -225
package/routes/auth_newjwt.js +0 -648

package/websocket/webSocketServer.js CHANGED Viewed

@@ -24,6 +24,7 @@ var cacheUtil = require('../utils/cacheUtil');
 var mongoose = require('mongoose');
 const requestConstants = require("../models/requestConstants");
 var RoleConstants = require('../models/roleConstants');
+var projectUserService = require("../services/projectUserService");
 let configSecretOrPubicKay = process.env.GLOBAL_SECRET || config.secret;
@@ -60,6 +61,7 @@ function logInvalidToken(req, err) {
 var cacheEnabler = require("../services/cacheEnabler");
 var lastRequestsLimit = process.env.WS_HISTORY_REQUESTS_LIMIT || 100;
 winston.debug('lastRequestsLimit:' + lastRequestsLimit);
@@ -129,7 +131,7 @@ class WebSocketServer {
               //   winston.debug('hasRoleAsPromise project_user',project_user);
               // winston.debug('ok websocket');
-              User.findOne({ _id: identifier, status: 100 }, 'email firstname lastname emailverified id')     //TODO user_cache_here ma attento select.. ATTENTO SERVER SELECT??
+             User.findOne({ _id: identifier, status: 100 }, 'email firstname lastname emailverified id')     //TODO user_cache_here ma attento select.. ATTENTO SERVER SELECT??
                 //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, "users:id:"+identifier)    //user_cache
                 .exec(function (err, user) {
@@ -229,7 +231,7 @@ class WebSocketServer {
           winston.debug('project cache enabled for websocket');
         }
-        return q.exec(function (err, project) {
+        return q.exec(async (err, project) => {
           if (err) {
             winston.error('WebSocket - Error getting  Project', err);
             return reject(err);
@@ -248,68 +250,81 @@ class WebSocketServer {
             // winston.debug(' req.: ',req);
-            Project_user.findOne({ id_project: projectId, id_user: req.user._id, $or: [{ "role": "agent" }, { "role": "admin" }, { "role": "owner" }], status: "active" })
-              //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
-              .exec(function (err, projectuser) {
-                if (err) {
-                  winston.error('WebSocket error getting Project_user', err);
-                  return reject(err);
-                }
-                if (!projectuser) {
-                  winston.verbose('WebSocket project_user not found for user id ' + req.user._id + ' and projectid ' + projectId);
-                  return reject({ err: 'Project_user not found for user id ' + req.user._id + ' and projectid ' + projectId });
-                }
+            try {
+              var projectuser = await projectUserService.getWithPermissions(req.user._id, projectId, req.user.sub);
+            } catch(err) {
+              winston.error('WebSocket error getting Project_user', err);
+              return reject(err);
+            }
-                var queryRequest = { id_project: projectId, request_id: recipientId };
+            // Project_user.findOne({ id_project: projectId, id_user: req.user._id, roleType: RoleConstants.TYPE_AGENTS, status: "active" })
+            //   //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
+            //   .exec(function (err, projectuser) {
+            //     if (err) {
+            //       winston.error('WebSocket error getting Project_user', err);
+            //       return reject(err);
+            //     }
+              if (!projectuser) {
+                winston.verbose('WebSocket project_user not found for user id ' + req.user._id + ' and projectid ' + projectId);
+                return reject({ err: 'Project_user not found for user id ' + req.user._id + ' and projectid ' + projectId });
+              }
+              var queryRequest = { id_project: projectId, request_id: recipientId };
+              // request_role_check_imp
+              if (projectuser.hasPermissionOrRole('request_read_all', ["owner", "admin"])) {
+                winston.debug('queryRequest admin: ' + JSON.stringify(queryRequest));
+              }
+              else if (projectuser.hasPermissionOrRole('request_read_group', ["agent"])) {
+                queryRequest["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }]
+              } else {
+                winston.debug('queryRequest agent: ' + JSON.stringify(queryRequest));
+                queryRequest["participants"] = req.user.id;
+              }
+              // requestcachefarequi nocachepopulatereqired
+              winston.debug("main_flow_cache_3 websocket1");
+              Request.findOne(queryRequest)
+                .exec(function (err, request) {
-                if (projectuser.role == "owner" || projectuser.role == "admin") {
-                  winston.debug('queryRequest admin: ' + JSON.stringify(queryRequest));
-                } else {
-                  queryRequest["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }]
-                  winston.debug('queryRequest agent: ' + JSON.stringify(queryRequest));
-                }
+                  if (err) {
+                    winston.error('WebSocket Error finding request for onSubscribeCallback', err);
+                    return reject(err);
+                  }
+                  if (!request) {
+                    winston.verbose('WebSocket Request query not found for user id ' + req.user._id + ' and projectid ' + projectId);
+                    return reject({ err: 'Request query not found for user id ' + req.user._id + ' and projectid ' + projectId });
+                  }
-                // requestcachefarequi nocachepopulatereqired
-                Request.findOne(queryRequest)
-                  .exec(function (err, request) {
+                  winston.debug('found request for onSubscribeCallback', request);
-                    if (err) {
-                      winston.error('WebSocket Error finding request for onSubscribeCallback', err);
-                      return reject(err);
-                    }
-                    if (!request) {
-                      winston.verbose('WebSocket Request query not found for user id ' + req.user._id + ' and projectid ' + projectId);
-                      return reject({ err: 'Request query not found for user id ' + req.user._id + ' and projectid ' + projectId });
-                    }
-                    winston.debug('found request for onSubscribeCallback', request);
+                  var query = { id_project: projectId, recipient: recipientId };
+                  winston.debug('query : ' + JSON.stringify(query));
+                  Message.find(query).sort({ createdAt: 'asc' })
+                    .limit(messagesLimit).exec(function (err, messages) {
-                    var query = { id_project: projectId, recipient: recipientId };
-                    winston.debug('query : ' + JSON.stringify(query));
+                      if (err) {
+                        winston.error('WebSocket Error finding message for onSubscribeCallback', err);
+                        return reject(err);
+                      }
+                      winston.debug('onSubscribeCallback find', messages);
-                    Message.find(query).sort({ createdAt: 'asc' })
-                      .limit(messagesLimit).exec(function (err, messages) {
-                        if (err) {
-                          winston.error('WebSocket Error finding message for onSubscribeCallback', err);
-                          return reject(err);
+                      return resolve({
+                        publishFunction: function () {
+                          // handlePublishMessageToClientId (topic, message, clientId, method) {
+                          pubSubServer.handlePublishMessageToClientId(topic, messages, clientId, "CREATE");
                         }
-                        winston.debug('onSubscribeCallback find', messages);
-                        return resolve({
-                          publishFunction: function () {
-                            // handlePublishMessageToClientId (topic, message, clientId, method) {
-                            pubSubServer.handlePublishMessageToClientId(topic, messages, clientId, "CREATE");
-                          }
-                        });
                       });
-                  });
-              });
+                    });
+                });
+              // });
           } else if (topic.endsWith('/requests')) {
@@ -319,179 +334,186 @@ class WebSocketServer {
             winston.debug('find project_user');
-            Project_user.findOne({ id_project: projectId, id_user: req.user._id, $or: [{ "role": "agent" }, { "role": "admin" }, { "role": "owner" }], status: "active" })
-              //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
-              .exec(function (err, projectuser) {
-                if (err) {
-                  winston.error('WebSocket error getting Project_user', err);
-                  return reject(err);
-                }
-                if (!projectuser) {
-                  winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
-                  return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
-                }
-                winston.debug('projectuser', projectuser.toObject());
-                // db.getCollection('requests').find({"id_project":"5e15bef09877c800176d217f","status":{"$lt":1000},"$or":[{"agents":{"id_user":"5ddd30bff0195f0017f72c6d"}},{"participants":"5ddd30bff0195f0017f72c6d"}]})
-                // pubblica dopo toni
-                var query = { "id_project": projectId, "status": { $lt: 1000, $gt: 50 }, preflight: false, "draft": { $in: [false, null] } };
-                // add hasBot:false
-                // var query = {"id_project":projectId, "status": { $lt: 1000, $gt: 50 }, $or:[ {preflight:false}, { preflight : { $exists: false } } ] };
-                //  qui1000
-                // var query = { id_project: projectId, statusObj: {closed:false, preflight:false} };
-                var cacheUserId;
-                if (projectuser.role == "owner" || projectuser.role == "admin") {
-                  winston.debug('query admin: ' + JSON.stringify(query));
-                  cacheUserId = "/admin-owner";
-                } else {
-                  query["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }]
-                  winston.debug('query agent: ' + JSON.stringify(query));
-                  cacheUserId = "/agent/" + req.user.id;
-                }
-                //cacheimportantehere
-                // requestcachefarequi populaterequired
-                //  TODO  proviamo a fare esempio con 100 agenti tutti
-                // elimina capo availableAgents (chiedi a Nico se gli usa altrimenti metti a select false)
-                var startDate = new Date();
-                Request.find(query)
-                  .select("+snapshot.agents")
-                  // .populate('lead') //??
-                  // .populate('department')
-                  // .populate('participatingBots')
-                  // .populate('participatingAgents')
-                  // .populate({path:'requester',populate:{path:'id_user'}})
-                  .sort({ updatedAt: 'desc' })
-                  .limit(lastRequestsLimit)
-                  // DISABLED 23Marzo2021 per problema request.snapshot.requester.isAuthenticated = undefined
-                  .lean() //https://www.tothenew.com/blog/high-performance-find-query-using-lean-in-mongoose-2/ https://stackoverflow.com/questions/33104136/mongodb-mongoose-slow-query-when-fetching-10k-documents
-                  //@DISABLED_CACHE .cache(cacheUtil.queryTTL, projectId+":requests:query:status-50-1000:preflight-false:select_snapshot_agents:"+cacheUserId)
-                  .exec(function (err, requests) {
-                    if (err) {
-                      winston.error('WebSocket Error finding request for onSubscribeCallback', err);
-                      return reject(err);
-                    }
-                    winston.debug('found requests for onSubscribeCallback', requests);
-                    if (requests && requests.length > 0) {
-                      requests.forEach(request => {
+            try {
+              var projectuser = await projectUserService.getWithPermissions(req.user._id, projectId, req.user.sub);
+            } catch(err) {
+              winston.error('WebSocket error getting Project_user', err);
+              return reject(err);
+            }
+            // Project_user.findOne({ id_project: projectId, id_user: req.user._id, roleType: RoleConstants.TYPE_AGENTS, status: "active" })
+            //   //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
+            //   .exec(function (err, projectuser) {
+            //     if (err) {
+            //       winston.error('WebSocket error getting Project_user', err);
+            //       return reject(err);
+            //     }
+            if (!projectuser) {
+              winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
+              return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
+            }
+            winston.debug('projectuser', projectuser.toObject());
+            var query = { "id_project": projectId, "status": { $lt: 1000, $gt: 50, $ne: 150 }, preflight: false, "draft": { $in: [false, null] } };
+            if (projectuser.hasPermissionOrRole('request_read_all', ["owner", "admin"])) {
+              winston.debug('ws requests query admin: ' + JSON.stringify(query));
+            } else if (projectuser.hasPermissionOrRole('request_read_group', ["agent"])) {
+              query["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }];
+              winston.debug('ws requests query agent: ' + JSON.stringify(query));
+            } else {
+              query["participants"] = req.user.id;
+              winston.debug('ws requests query agent limited: ' + JSON.stringify(query));
+            }
-                        request.id = request._id; //importante
+            //cacheimportantehere
+            // requestcachefarequi populaterequired
+            winston.debug('found Request.find(query)');
+            //  TODO  proviamo a fare esempio con 100 agenti tutti
+            // elimina capo availableAgents (chiedi a Nico se gli usa altrimenti metti a select false)
+            var startDate = new Date();
+            Request.find(query)
+              .select("+snapshot.agents")
+              // .populate('lead') //??
+              // .populate('department')
+              // .populate('participatingBots')
+              // .populate('participatingAgents')
+              // .populate({path:'requester',populate:{path:'id_user'}})
+              .sort({ updatedAt: 'desc' })
+              .limit(lastRequestsLimit)
+              // DISABLED 23Marzo2021 per problema request.snapshot.requester.isAuthenticated = undefined
+              .lean() //https://www.tothenew.com/blog/high-performance-find-query-using-lean-in-mongoose-2/ https://stackoverflow.com/questions/33104136/mongodb-mongoose-slow-query-when-fetching-10k-documents
+              //@DISABLED_CACHE .cache(cacheUtil.queryTTL, projectId+":requests:query:status-50-1000:preflight-false:select_snapshot_agents:"+cacheUserId)
+              .exec(function (err, requests) {
-                        if (request.lead) {
-                          //    request.requester_id =    request.lead._id; //parla con NICO di questo
-                          request.requester_id = request.lead;
-                        } else {
-                          request.requester_id = null;
-                        }
+                if (err) {
+                  winston.error('WebSocket Error finding request for onSubscribeCallback', err);
+                  return reject(err);
+                }
+                winston.debug('found requests for onSubscribeCallback', requests);
-                        if (request.snapshot.requester) {
-                          if (request.snapshot.requester.role === RoleConstants.GUEST) {
-                            request.snapshot.requester.isAuthenticated = false;
-                          } else {
-                            request.snapshot.requester.isAuthenticated = true;
-                          }
+                if (requests && requests.length > 0) {
+                  requests.forEach(request => {
-                        }
+                    request.id = request._id; //importante
-                        // attento qui
-                        if (request.snapshot.agents && request.snapshot.agents.length > 0) {
-                          var agentsnew = [];
-                          request.snapshot.agents.forEach(a => {
-                            agentsnew.push({ id_user: a.id_user })  //remove unnecessary request.agents[].project_user fields. keep only id_user
-                          });
-                          request.snapshot.agents = agentsnew;
-                        }
+                    if (request.lead) {
+                      //    request.requester_id =    request.lead._id; //parla con NICO di questo
+                      request.requester_id = request.lead;
+                    } else {
+                      request.requester_id = null;
+                    }
+                    if (request.snapshot.requester) {
+                      if (request.snapshot.requester.role === RoleConstants.GUEST) {
+                        request.snapshot.requester.isAuthenticated = false;
+                      } else {
+                        request.snapshot.requester.isAuthenticated = true;
+                      }
+                    }
+                    // attento qui
+                    if (request.snapshot.agents && request.snapshot.agents.length > 0) {
+                      var agentsnew = [];
+                      request.snapshot.agents.forEach(a => {
+                        agentsnew.push({ id_user: a.id_user })  //remove unnecessary request.agents[].project_user fields. keep only id_user
                       });
+                      request.snapshot.agents = agentsnew;
                     }
-                    var endDate = new Date();
-                    winston.debug('ws count: ' + query + ' ' + requests.length + ' ' + startDate + ' ' + endDate + ' ' + endDate - startDate)
-                    return resolve({
-                      publishFunction: function () {
-                        // handlePublishMessageToClientId (topic, message, clientId, method) {
-                        pubSubServer.handlePublishMessageToClientId(topic, requests, clientId, "CREATE");
-                      }
-                    });
                   });
+                }
+                var endDate = new Date();
+                winston.debug('ws count: ' + query + ' ' + requests.length + ' ' + startDate + ' ' + endDate + ' ' + endDate - startDate)
+                return resolve({
+                  publishFunction: function () {
+                    // handlePublishMessageToClientId (topic, message, clientId, method) {
+                    pubSubServer.handlePublishMessageToClientId(topic, requests, clientId, "CREATE");
+                  }
+                });
               });
+              // });
           } else if (topic.indexOf('/project_users/users/') > -1) {
             var userId = urlSub[4];
             winston.debug('userId: ' + userId);
-            //check if current user can see the data
-            Project_user.findOne({ id_project: projectId, id_user: req.user._id, $or: [{ "role": "agent" }, { "role": "admin" }, { "role": "owner" }], status: "active" })
-              //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
-              .exec(function (err, currentProjectuser) {
-                if (err) {
-                  winston.error('WebSocket error getting  Project_user', err);
-                  return reject(err);
-                }
-                if (!currentProjectuser) {
-                  winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
-                  return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
-                }
-                winston.debug('currentProjectuser', currentProjectuser.toObject());
+            try {
+              var currentProjectuser = await projectUserService.getWithPermissions(req.user._id, projectId, req.user.sub);
+            } catch(err) {
+              winston.error('WebSocket error getting Project_user', err);
+              return reject(err);
+            }
+            // //check if current user can see the data
+            // Project_user.findOne({ id_project: projectId, id_user: req.user._id, roleType: RoleConstants.TYPE_AGENTS, status: "active" })
+            //   //@DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
+            //   .exec(function (err, currentProjectuser) {
+            //     if (err) {
+            //       winston.error('WebSocket error getting  Project_user', err);
+            //       return reject(err);
+            //     }
+            if (!currentProjectuser) {
+              winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
+              return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
+            }
+            winston.debug('currentProjectuser', currentProjectuser.toObject());
-                var isObjectId = mongoose.Types.ObjectId.isValid(userId);
-                winston.debug("isObjectId:" + isObjectId);
-                var query = { id_project: projectId, status: "active" };
-                winston.debug(' query: ', query);
+            var isObjectId = mongoose.Types.ObjectId.isValid(userId);
+            winston.debug("isObjectId:" + isObjectId);
-                if (isObjectId) {
-                  query.id_user = userId;
-                } else {
-                  query.uuid_user = userId;
-                }
+            var query = { id_project: projectId, status: "active" };
+            winston.debug(' query: ', query);
-                Project_user.findOne(query)
-                  // @DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:users:"+userId)
-                  .exec(function (err, projectuser) {
-                    if (err) {
-                      winston.error('WebSocket error getting  Project_user', err);
-                      return reject(err);
-                    }
-                    if (!projectuser) {
-                      winston.verbose('WebSocket Project_user not found with user id ' + userId + ' and projectid ' + projectId);
-                      return reject({ err: 'Project_user not found with user id ' + userId + ' and projectid ' + projectId });
-                    }
+            if (isObjectId) {
+              query.id_user = userId;
+            } else {
+              query.uuid_user = userId;
+            }
+            Project_user.findOne(query)
+              // @DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:users:"+userId)
+              .exec(function (err, projectuser) {
+                if (err) {
+                  winston.error('WebSocket error getting  Project_user', err);
+                  return reject(err);
+                }
+                if (!projectuser) {
+                  winston.verbose('WebSocket Project_user not found with user id ' + userId + ' and projectid ' + projectId);
+                  return reject({ err: 'Project_user not found with user id ' + userId + ' and projectid ' + projectId });
+                }
-                    var pu = projectuser.toJSON();
-                    pu.isBusy = ProjectUserUtil.isBusy(projectuser, project.settings && project.settings.max_agent_assigned_chat);
+                var pu = projectuser.toJSON();
+                pu.isBusy = ProjectUserUtil.isBusy(projectuser, project.settings && project.settings.max_agent_assigned_chat);
-                    return resolve({
-                      publishFunction: function () {
-                        // handlePublishMessageToClientId (topic, message, clientId, method) {
-                        pubSubServer.handlePublishMessageToClientId(topic, pu, clientId, "CREATE");
-                      }
-                    });
+                return resolve({
+                  publishFunction: function () {
+                    // handlePublishMessageToClientId (topic, message, clientId, method) {
+                    pubSubServer.handlePublishMessageToClientId(topic, pu, clientId, "CREATE");
+                  }
+                });
-                  });
+              });
-              });
+              // });
             // tilebase.send('{ "action": "subscribe", "payload": { "topic": "/5e71139f61dd040bc9594cee/project_users/5e71139f61dd040bc9594cef"}}')
@@ -505,7 +527,7 @@ class WebSocketServer {
             winston.debug('puId: ' + puId);
             //var query = { _id: puId, id_project: projectId};
-            var query = { _id: puId, id_project: projectId, id_user: req.user._id, $or: [{ "role": "agent" }, { "role": "admin" }, { "role": "owner" }], status: "active" };
+            var query = { _id: puId, id_project: projectId, id_user: req.user._id, roleType: RoleConstants.TYPE_AGENTS, status: "active" };
             winston.debug(' query: ', query);
             Project_user.findOne(query)
@@ -610,55 +632,74 @@ class WebSocketServer {
             var recipientId = urlSub[3];
             winston.debug('recipientId: ' + recipientId);
-            Project_user.findOne({ id_project: projectId, id_user: req.user._id, $or: [{ "role": "agent" }, { "role": "admin" }, { "role": "owner" }], status: "active" })
-              // @DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
-              .exec(function (err, projectuser) {
-                if (err) {
-                  winston.error('WebSocket error getting Project_user', err);
-                  return reject(err);
-                }
-                if (!projectuser) {
-                  winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
-                  return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
-                }
+            try {
+              var projectuser = await projectUserService.getWithPermissions(req.user._id, projectId, req.user.sub);
+            } catch(err) {
+              winston.error('WebSocket error getting Project_user', err);
+              return reject(err);
+            }
-                var query = { id_project: projectId, request_id: recipientId };
-                winston.debug('query: ' + JSON.stringify(query));
+            // Project_user.findOne({ id_project: projectId, id_user: req.user._id, roleType: RoleConstants.TYPE_AGENTS, status: "active" })
+            //   // @DISABLED_CACHE .cache(cacheUtil.defaultTTL, projectId+":project_users:role:teammate:"+req.user._id)
+            //   .exec(function (err, projectuser) {
+            //     if (err) {
+            //       winston.error('WebSocket error getting Project_user', err);
+            //       return reject(err);
+            //     }
+            if (!projectuser) {
+              winston.verbose('WebSocket Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId);
+              return reject({ err: 'Project_user not found with user id ' + req.user._id + ' and projectid ' + projectId });
+            }
-                if (projectuser.role == "owner" || projectuser.role == "admin") {
-                  winston.debug('query admin: ' + JSON.stringify(query));
-                } else {
-                  query["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }]
-                  winston.debug('query agent: ' + JSON.stringify(query));
-                }
+            var query = { id_project: projectId, request_id: recipientId };
+            winston.debug('query: ' + JSON.stringify(query));
-                // requestcachefarequi populaterequired
+            // request_role_check
-                Request.findOne(query)
-                  .populate('lead')
-                  .populate('department')
-                  .populate('participatingBots')
-                  .populate('participatingAgents')
-                  .populate({ path: 'requester', populate: { path: 'id_user' } })
-                  .sort({ updatedAt: 'asc' }).exec(function (err, request) {
+            if (projectuser.hasPermissionOrRole('request_read_all', ["owner", "admin"])) {
+              winston.debug('query admin: ' + JSON.stringify(query));
+            } else if (projectuser.hasPermissionOrRole('request_read_group', ["agent"])) {
-                    if (err) {
-                      winston.error('WebSocket Error finding request for onSubscribeCallback', err);
-                      return reject(err);
-                    }
-                    winston.debug('onSubscribeCallback find', request);
+              query["$or"] = [{ "snapshot.agents.id_user": req.user.id }, { "participants": req.user.id }]
-                    return resolve({
-                      publishFunction: function () {
-                        // handlePublishMessageToClientId (topic, message, clientId, method) {
-                        pubSubServer.handlePublishMessageToClientId(topic, request, clientId, "CREATE");
-                      }
-                    });
+            }
+            // else if (projectuser.hasPermissionOrRole('request_read_mine', ["????"])) {
+            //   query["participants"] = req.user.id;
+            // }
+            else {
+              query["participants"] = req.user.id;
+              // generate empty requests response
+            }
-                  });
+            // requestcachefarequi populaterequired
+            winston.debug('info: main_flow_cache_2.2');
+            Request.findOne(query)
+              .populate('lead')
+              .populate('department')
+              .populate('participatingBots')
+              .populate('participatingAgents')
+              .populate({ path: 'requester', populate: { path: 'id_user' } })
+              .sort({ updatedAt: 'asc' }).exec(function (err, request) {
+                if (err) {
+                  winston.error('WebSocket Error finding request for onSubscribeCallback', err);
+                  return reject(err);
+                }
+                winston.debug('onSubscribeCallback find', request);
+                return resolve({
+                  publishFunction: function () {
+                    // handlePublishMessageToClientId (topic, message, clientId, method) {
+                    pubSubServer.handlePublishMessageToClientId(topic, request, clientId, "CREATE");
+                  }
+                });
               });
+              // });
           }
@@ -726,6 +767,8 @@ class WebSocketServer {
           // ATTENTO  https://stackoverflow.com/questions/64059795/mongodb-get-error-message-mongoerror-path-collision-at-activity
           try {
+            winston.debug("main_flow_cache_ws request find");
             var snapshotAgents = await Request.findById(request.id).select({ "snapshot": 1 }).exec(); //SEMBRA CHE RITORNI TUTTO LO SNAPSHOT INVECE CHE SOLO AGENTS
             winston.debug('snapshotAgents', snapshotAgents);
             // requestJSON.snapshot.agents = snapshotAgents;
@@ -743,6 +786,7 @@ class WebSocketServer {
             winston.error('Error getting snapshotAgents in ws. This is a mongo issue', e);
           }
+          // aggiungere controllo sui permessi qui
           pubSubServer.handlePublishMessage('/' + request.id_project + '/requests', request, undefined, true, "CREATE");
           pubSubServer.handlePublishMessage('/' + request.id_project + '/requests/' + request.request_id, request, undefined, true, "CREATE");
         }
@@ -777,6 +821,8 @@ class WebSocketServer {
           // ATTENTO  https://stackoverflow.com/questions/64059795/mongodb-get-error-message-mongoerror-path-collision-at-activity
           try {
+            winston.debug("main_flow_cache_ws request find 2");
+            // cache_next
             var snapshotAgents = await Request.findById(request.id).select({ "snapshot": 1 }).exec(); //SEMBRA CHE RITORNI TUTTO LO SNAPSHOT INVECE CHE SOLO AGENTS
             winston.debug('snapshotAgents', snapshotAgents);
             // requestJSON.snapshot.agents = snapshotAgents;
@@ -795,6 +841,8 @@ class WebSocketServer {
             winston.error('Error getting snapshotAgents in ws. This is a mongo issue', e);
           }
+          // aggiungere controllo sui permessi qui
           if (requestJSON.draft !== true) {
             pubSubServer.handlePublishMessage('/' + request.id_project + '/requests', requestJSON, undefined, true, "UPDATE");
           }